CVE-2025-3855 CodeCanyon RISE Ultimate Project Manager Profile Picture save_profile_image resource injection

A vulnerability was found in CodeCanyon RISE Ultimate Project Manager 3.8.2 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php/teammembers/saveprofileimage/ of the component Profile Picture Handler. The manipulation of the argument...

CVE-2025-3855

Summary of CVE-2025-3855 (CodeCanyon RISE Ultimate Project Manager 3.8.2) A vulnerability exists in the component “Profile Picture Handler” for the endpoint /index.php/team_members/save_profile_image/ where the argument profile_image_file is manipulated, leading to improper control of resource id...

PT-2025-17477 · Unknown · Codecanyon Rise Ultimate Project Manager

Name of the Vulnerable Software and Affected Versions: CodeCanyon RISE Ultimate Project Manager version 3.8.2 Description: A problem was found in the file /index.php/team members/save profile image/ of the component Profile Picture Handler. The manipulation of the argument profile image file lead...

CodeCanyon RISE Ultimate Project Manager 安全漏洞

CodeCanyon RISE Ultimate Project Manager is a project management and CRM software from CodeCanyon USA. A security vulnerability exists in CodeCanyon RISE Ultimate Project Manager version 3.8.2, which stems from an improper resource identifier control in file /index.php/teammembers/saveprofileimag...

CVE-2025-3219

A vulnerability was found in CodeCanyon Perfex CRM 3.2.1. It has been classified as problematic. Affected is an unknown function of the file /perfex/clients/project/2 of the component Project Discussions Module. The manipulation of the argument description leads to cross site scripting. It is...

CVE-2025-3219

A vulnerability was found in CodeCanyon Perfex CRM 3.2.1. It has been classified as problematic. Affected is an unknown function of the file /perfex/clients/project/2 of the component Project Discussions Module. The manipulation of the argument description leads to cross site scripting. It is...

CVE-2025-3219

A vulnerability was found in CodeCanyon Perfex CRM 3.2.1. It has been classified as problematic. Affected is an unknown function of the file /perfex/clients/project/2 of the component Project Discussions Module. The manipulation of the argument description leads to cross site scripting. It is...

CVE-2025-3219 CodeCanyon Perfex CRM Project Discussions Module 2 cross site scripting

A vulnerability was found in CodeCanyon Perfex CRM 3.2.1. It has been classified as problematic. Affected is an unknown function of the file /perfex/clients/project/2 of the component Project Discussions Module. The manipulation of the argument description leads to cross site scripting. It is...

CVE-2025-3219

The CVE-2025-3219 entry concerns CodeCanyon Perfex CRM 3.2.1. Affected is an unknown function in the file /perfex/clients/project/2 within the Project Discussions Module. The issue is a cross‑site scripting vulnerability triggered by manipulation of the argument description, with remote exploitat...

CVE-2025-3219 CodeCanyon Perfex CRM Project Discussions Module 2 cross site scripting

A vulnerability was found in CodeCanyon Perfex CRM 3.2.1. It has been classified as problematic. Affected is an unknown function of the file /perfex/clients/project/2 of the component Project Discussions Module. The manipulation of the argument description leads to cross site scripting. It is...

CodeCanyon Perfex CRM 代码注入漏洞

CodeCanyon Perfex CRM is a self-hosted customer relationship management software from CodeCanyon. A code injection vulnerability exists in CodeCanyon Perfex CRM version 3.2.1, which stems from the fact that incorrect manipulation of the parameter description can lead to cross-site scripting...

PT-2025-14865 · Unknown · Codecanyon Perfex Crm

Name of the Vulnerable Software and Affected Versions: CodeCanyon Perfex CRM version 3.2.1 Description: A vulnerability was found in CodeCanyon Perfex CRM. It has been classified as problematic. Affected is an unknown function of the file /perfex/clients/project/2 of the component Project...

CVE-2025-2974

A vulnerability has been found in CodeCanyon Perfex CRM up to 3.2.1 and classified as problematic. This vulnerability affects unknown code of the file /contract of the component Contracts. The manipulation of the argument content leads to cross site scripting. The attack can be initiated remotely...

CVE-2025-2974 CodeCanyon Perfex CRM Contracts contract cross site scripting

A vulnerability has been found in CodeCanyon Perfex CRM up to 3.2.1 and classified as problematic. This vulnerability affects unknown code of the file /contract of the component Contracts. The manipulation of the argument content leads to cross site scripting. The attack can be initiated remotely...

CVE-2025-2974

CVE-2025-2974 affects CodeCanyon Perfex CRM (up to version 3.2.1). The vulnerability lies in the Contracts module, specifically the /contract code, where manipulation of input content enables cross-site scripting (XSS). Exploitation can be remote, and multiple sources note public disclosure of th...

CVE-2025-2974 CodeCanyon Perfex CRM Contracts contract cross site scripting

A vulnerability has been found in CodeCanyon Perfex CRM up to 3.2.1 and classified as problematic. This vulnerability affects unknown code of the file /contract of the component Contracts. The manipulation of the argument content leads to cross site scripting. The attack can be initiated remotely...

CVE-2024-9031

A vulnerability, which was classified as problematic, has been found in CodeCanyon CRMGo SaaS up to 7.2. This issue affects some unknown processing of the file /project/task/taskid/show. The manipulation of the argument comment leads to cross site scripting. The attack may be initiated remotely...

CVE-2024-9031

A vulnerability, which was classified as problematic, has been found in CodeCanyon CRMGo SaaS up to 7.2. This issue affects some unknown processing of the file /project/task/taskid/show. The manipulation of the argument comment leads to cross site scripting. The attack may be initiated remotely...

CVE-2024-9030

A vulnerability classified as problematic was found in CodeCanyon CRMGo SaaS 7.2. This vulnerability affects unknown code of the file /deal/noteid/note. The manipulation of the argument notes leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to th...

CVE-2024-9030

A vulnerability classified as problematic was found in CodeCanyon CRMGo SaaS 7.2. This vulnerability affects unknown code of the file /deal/noteid/note. The manipulation of the argument notes leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to th...